Is the user name and password used securely?

08 March 2009

The user name and password are used in two places. First, the installer itself contains a small DLL written in C++ that uses the user name and password to log in once, and then immediately log out. This is a measure to keep you from using a bad user name/password combination that would prevent TNTMonitoring from running. If you want to audit the source code, you will find the code in the RunAsEx project.

Second, the user name and password are used to start the schedule job (in version 1.x) or the service (since version 2.0).

If you only need to check the server itself and not any domain members, you can change the TNTMonitoring service to use the local system account instead.